import { SetMetadata } from '@nestjs/common';
import { SecurityEventType, SecurityLevel } from '../entities/security-log.entity';

export interface SecurityLogOptions {
  eventType: SecurityEventType;
  securityLevel?: SecurityLevel;
  eventTitle: string;
  eventDescription?: string;
  autoLog?: boolean; // 是否自动记录
}

export const SECURITY_LOG_KEY = 'security_log';

export const SecurityLog = (options: SecurityLogOptions) =>
  SetMetadata(SECURITY_LOG_KEY, options);

// 预定义的安全日志装饰器
export const LogAuthSuccess = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.AUTH_SUCCESS,
    securityLevel: SecurityLevel.LOW,
    eventTitle,
    eventDescription: eventDescription || `用户成功执行: ${eventTitle}`,
    autoLog: true,
  });

export const LogAuthFailed = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.AUTH_FAILED,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `认证失败: ${eventTitle}`,
    autoLog: true,
  });

export const LogUnauthorizedAccess = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.UNAUTHORIZED_ACCESS,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `未授权访问: ${eventTitle}`,
    autoLog: true,
  });

export const LogPermissionDenied = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.PERMISSION_DENIED,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `权限拒绝: ${eventTitle}`,
    autoLog: true,
  });

export const LogValidationError = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.VALIDATION_ERROR,
    securityLevel: SecurityLevel.MEDIUM,
    eventTitle,
    eventDescription: eventDescription || `验证错误: ${eventTitle}`,
    autoLog: true,
  });

export const LogBusinessError = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.BUSINESS_ERROR,
    securityLevel: SecurityLevel.MEDIUM,
    eventTitle,
    eventDescription: eventDescription || `业务错误: ${eventTitle}`,
    autoLog: true,
  });

export const LogSystemError = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.SYSTEM_ERROR,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `系统错误: ${eventTitle}`,
    autoLog: true,
  });

export const LogSuspiciousActivity = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.SUSPICIOUS_ACTIVITY,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `可疑活动: ${eventTitle}`,
    autoLog: true,
  });

export const LogRateLimitExceeded = (eventTitle: string, eventDescription?: string) =>
  SecurityLog({
    eventType: SecurityEventType.RATE_LIMIT_EXCEEDED,
    securityLevel: SecurityLevel.HIGH,
    eventTitle,
    eventDescription: eventDescription || `频率限制: ${eventTitle}`,
    autoLog: true,
  });
